Posted
by
samzenpus
on Monday September 08, 2014 @02:31PM
from the read-all-about-it dept.

benrothke writes Most books about cloud computing are either extremely high-level quasi-marketing tomes about the myriad benefits of the cloud without any understanding of how to practically implement the technology under discussion. The other type of cloud books are highly technical references guides, that provide technical details, but for a limited audience. In Architecting the Cloud: Design Decisions for Cloud Computing Service Models, author Michael Kavis has written perhaps the most honest book about the cloud. Make no doubt about it; Kavis is a huge fan of the cloud. But more importantly, he knows what the limits of the cloud are, and how cloud computing is not a panacea. That type of candor makes this book an invaluable guide to anyone looking to understand how to effective deploy cloud technologies. Keep reading below for the rest of Ben's review.

Extremely honest and enlightening book on how to effectively use the cloud

The book is an excellent balance of the almost boundless potential of cloud computing, mixed with a high amount of caution that the potential of the cloud can only be manifest with effective requirements and formal security architecture.

The full title of the book is: Architecting the Cloud: Design Decisions for Cloud Computing Service Models: SaaS, PaaS, and IaaS. One of the mistakes of using the cloud is that far too many decision makers rush in, without understanding the significant differences (and they are significant) between the 3 main cloud service models.

In chapter 1, he provides a number of enthusiastic cloud success stories to set the stage. He shows how a firm was able to build a solution entirely on the public cloud with a limited budget. He also showcases Netflix, whose infrastructure is built on Amazon Web Services (AWS).

Chapter 3 is titled cloud computing worst practices and the book would be worth purchasing for this chapter alone. The author has a number of cloud horror stories and shows the reader how they can avoid failure when moving to the cloud. While many cloud success stories showcase applications developed specifically for the cloud, the chapter details the significant challenges of migrating existing and legacy applications to the cloud. Such migrations are not easy endeavors, which he makes very clear.

In the chapter, Kavis details one of the biggest misguided perceptions of cloud computing, in that it will greatly reduce the cost of doing business. That is true for some cloud initiatives, but definitely not all, as some cloud marketing people may have you believe.

Perhaps the most important message of the chapter is that not every problem is one that needs to be solved by cloud computing. He cites a few examples where not going with a cloud solution was actually cheaper in the long run.

The book does a very good job of delineating the differences between the various types of cloud architectures and service models. He notes that one reason for leveraging IaaS over PaaS, is that when a PaaS provider has an outage, the customer can only wait for the provider to fix the issue and get the services back online. With IaaS, the customer can architect for failure and build redundant services across multiple physical or virtual data centers.

For many CIO's, the security fears of the cloud means that they will immediately write-off any consideration of cloud computing. In chapter 9, the author notes that almost any security regulation or standard can be met in the cloud. As none of the regulations and standard dictate where the data must specifically reside.

The book notes that for security to work in the cloud, firm's needs to apply 3 key strategies for managing security in cloud-based applications, namely centralization, standardization and automation.

In chapter 10, the book deals with creating a centralized logging strategy. Given that logging is a critical component of any cloud-based application; logging is one of the areas that many firms don't adequate address in their move to the cloud. The book provides a number of approaches to use to create an effective logging strategy.

The only issue I have with the book is that while the author is a big fan of Representational state transfer (REST), many firms have struggled to obtain the benefits he describes. RESTful is an abstraction of the architecture of the web; namely an architectural style consisting of a coordinated set of architectural constraints applied to components, connectors and data elements, within a distributed hypermedia system. REST ignores the details of component implementation and protocol syntax in order to focus on the roles of components, the constraints upon their interaction with other components, and their interpretation of significant data elements.

I think the author places too much reliance on RESTful web services and doesn't detail the challenges in making it work properly.RESTful is not always the right choice even though it is all the rage in some cloud design circle.

While the book is part of the Wiley CIO Series, cloud architects, software and security engineers, technical managers and anyone with an interest in the cloud will find this an extremely valuable resource.

Ironically, for those that are looking for ammunition why the cloud is a terrible idea, they will find plenty of evidence for it in the book. But the reasons are predominantly that those that have failed in the cloud, didn't know why they were there in the first place, or were clueless on how to use the cloud.

For those that want to do the cloud right, the book provides a vendor neutral approach and gives the reader an extremely strong foundation on which to build their cloud architecture.

The book lists the key challenges that you will face in the migration to the cloud, and details how most of those challenges can be overcome. The author is sincere when he notes areas where the cloud won't work.

For those that want an effective roadmap to get to the cloud, and one that provides essential information on the topic, Architecting the Cloud: Design Decisions for Cloud Computing Service Models is a book that will certainly meet their needs.

I love that add-on because I keep forgetting I have it installed, then, out of the blue, BAM!, a sentence no longer makes sense but is much more fun: "Hospitals now delivering babies in my butt, film at 11!".

How would a cloud provider assure customers that their data will remain secure if they go bankrupt or just quit the business?

As of now, if a provider tanks, the servers go to the auction house, and in theory, are blanked. However, in reality, there is no assurance of that, and the buyer will get all data stored free and clear. If they wanted to do a multi-terabyte torrent of a failed bank's account and transaction data, they can, and nothing legally could stop them.

There is also the question of how good a job they do with encrypting the data. Who at the cloud company would have the ability to decrypt the data? Are there regular security audits by an outside party who can affirm that the things the cloud company claims are in fact accurate?

It gets even more complicated for enterprise users. What happens when an employee leaves the company? How is access controlled to prevent continued access? What about data that you might possess that you might have received unde

"There is also the question of how good a job they do with encrypting the data."

Most let you manage your own keys. So as long as you have a reasonable key management, it's up to YOU, not the provider.

"Are there regular security audits by an outside party who can affirm that the things the cloud company claims are in fact accurate?"

For the big players, yes. http://aws.amazon.com/complian... [amazon.com]. Also "AWS has achieved ISO 27001 certification and has been validated as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS). We undergo annual SOC 1 audits and have been successfully evaluated at the Moderate level for Federal government systems as well as DIACAP Level 2 for DoD systems."

Every one of those compliances requires auditing.

"What happens when an employee leaves the company? How is access controlled to prevent continued access?"

You federate your enterprise IAM with your cloud provider. Most support some form of SAML or OAuth. ADFS (an MS product) supports such things easily. You terminate the employee in your normal system and their IAM account is terminated. Also, you don't give deep credentials to most people but rather wrap them in services. You then stash those credentials in a secret/key server.

If I'm running your OS in a hyper-visor, I can pause the VM and dump the memory. Then I've got your key because the OS loads the key into memory.

Your provider can see your data in the clear. End of Story. Physical hardware is the be's all end's all.

Some things are true across all the big players (I don't know about the government-audited services; I can only imaging there's even more tracking).

If you're running the service, you don't have access to the datacenters, and likely don't even have access to the location of the data centers (the big players all keep exact datacenter locations somewhat secret - they have addresses, but the addresses don't mean much). If you work at the data center, you don't know what any given server is doing. So you don't

How would a cloud provider assure customers that their data will remain secure if they go bankrupt or just quit the business?

As of now, if a provider tanks, the servers go to the auction house, and in theory, are blanked. However, in reality, there is no assurance of that, and the buyer will get all data stored free and clear. If they wanted to do a multi-terabyte torrent of a failed bank's account and transaction data, they can, and nothing legally could stop them.

Like, a contract to escrow the cost of the wiping and/or returning of all relevant hardware to the original owner? There are plenty of precedents in contract law to mitigate risk in the case of bankruptcy. Just because you can't think of them doesn't mean they aren't there.

I don't know a single cloud provider that would provide that contract. In other lines of work, there would be a third party escrow company. However, with a cloud provider, since decryption would be needed, the only way to provide any assurance is to have some backend appliances that do encryption and are rented, with a paid deposit that once the rental ceases, all keys are wiped. That way, a bankrupt provider would have all their servers sold, but the encryption appliances would be owned by another party

I don't know a single cloud provider that would provide that contract. In other lines of work, there would be a third party escrow company. However, with a cloud provider, since decryption would be needed, the only way to provide any assurance is to have some backend appliances that do encryption and are rented, with a paid deposit that once the rental ceases, all keys are wiped. That way, a bankrupt provider would have all their servers sold, but the encryption appliances would be owned by another party. Of course, this may not mean much as it might be a fight wresting the leased items from the bankruptcy trustee, but in theory, it helps put at least a layer in place of protection.

However, I don't know any cloud provider who would spend the time and effort to do this, just because the current system of assuring people that "passwords", "encryption", and "firewalls" is good enough.

If you don't care that the data is "gone for good" then a split encryption system is not needed, just a thorough erasure system (which is where an escrowed sum comes into play, to cover the cost of a third party service performing on-site wiping of all hard drives with customer data in the event of bankruptcy). I also do not know of a single cloud provider that does this today, the cost difference at scale of a cloud solution vs a managed hosting solution is not that great, so a company with truly invaluab

Because "selfie" fills a legitimate and objective need, filling a void created by an advancing technology and culture, neatly and succintly describing a "photograph of someone taken by that same someone, intended primarily for social media."

"Architecting" is superfluous, already synonymous with the shorter and more familiar "building" and "designing," and it contains the pompous subtext of equating the skills and efforts of an archi

Until such time that the tech community of the world can and will effectively deal with (i.e. either convince to stop misbehaving or just kill 'em) all the brilliant psychopathic programmers in their mist that create malware and viruses that defraud millions of people, then it is plain madness and criminal negligence to encourage people to entrust their data to some unknown and unmonitored external entity such as the 'cloud'.

Until that time, safe and productive cloud computing is just a fantasy. It's a so

:::entrust their data to some unknown and unmonitored external entity such as the 'cloud'.

Do you really consider Amazon Web Services unknown and unmonitored?

The granularity of what they can report on shows their monitoring capabilities are quite sophisticated.:::Until that time, safe and productive cloud computing is just a fantasy. It's a solution in search of problem. Avoid it.

I think the facts speak for themselves. There are thousands of examples of safe and productive instances of cloud computing,

The main bottleneck of "the cloud" is standards. Unless organizations can easily swap vendors and make their own (optional) backups without hassles, the "cloud" will continue to be a fractured, risky, and messy place.

The problem is that there are no incentives to standardize because service companies don't want the market to become a commodity because commoditization usually eats their profits (at least in the industrialized world) just like it did with PC's. They want you to be locked in to Their Way so th

Mod this up please--this statement right here: "The problem is that there are no incentives to standardize because service companies don't want the market to become a commodity because commoditization usually eats their profits (at least in the industrialized world) just like it did with PC's. They want you to be locked in to Their Way so that you can't leave for competitors." is responsible for most of the competing standards and general "upgrade or die/walled garden" clusterfucks in Tech.

There is no time when "The Cloud" is a good idea. In fact, I'd say it's even worse than "Closed source" software. Because no you not only lose access to the application, you lose access to your data as well. And trust me, the cloud service provider will use that access against you. I have yet to see a contract negotiation with a cloud service provider that didn't eventually devolve into the Cloud threatening to cut off access to the data with no option to export if the user didn't agree to unfavorable terms. This doesn't happen "Sometimes" this happens every time... with multiple vendors. They are very friendly and the rates are cheap at first, but after you've been with them for a few years... Then they start turning the screws. Unless you control "The cloud" yourself, stay very very far away.

the Cloud threatening to cut off access to the data with no option to export if the user didn't agree to unfavorable terms

That's a *very* strong assertion. In fact, it seems like the sort of thing that the courts would stop, hard. It's essentially extortion. It's absolutely the sort of thing that would send customers screaming... and discouraging everyone around them. I find it hard to believe that any reputable cloud service provider would dare risk their business by doing something like that.

That's a *very* strong assertion. In fact, it seems like the sort of thing that the courts would stop, hard. It's essentially extortion. It's absolutely the sort of thing that would send customers screaming... and discouraging everyone around them. I find it hard to believe that any reputable cloud service provider would dare risk their business by doing something like that.

Lost track of number of people who have called in with issues trying to extract data from various providers.

Either they claim they can't do it, provider cut them off and they are screwed or provider feels it necessary to charge a massive fee to extract customers data. Another fine twist is allowing access to data but not in a way it could practically be extracted.

Guessing some of these are cases of you owe us money and we're leveraging whatever we can to force you to pay yet some have specifically mentione

Expecting they would not seek to maximally leverage their position is not a serious option.

Well, as a Googler, I definitely do not expect Google to do anything remotely like this with their cloud offerings. Heck, Google is careful to ensure there are mechanisms for users of their free services to take their data out, and holding someone's data hostage for more money or whatever just runs counter to everything the culture holds important. I don't think Amazon would do it either. Smaller players... I suppose it's possible, but it still seems like bad business on their part.

Will an experienced admin (20+ years *NIX) that's currently using RackSpace (dedicated and cloud) learn anything from this book? It's so hard to tell from this review.

I've been using RackSpace for a few months now and I find that it's not much different than hosting the servers myself except I don't have to deal with things like router/switch configuration and hardware replacements.

:::::Will an experienced admin (20+ years *NIX) that's currently using RackSpace (dedicated and cloud) learn anything from this book? It's so hard to tell from this review.

I think so.:::I've been using RackSpace for a few months now and I find that it's not much different than hosting the servers myself except I don't have to deal with things like router/switch configuration and hardware replacements.

From a hosting and sys admin perspective, it is not a radical difference.

"Most books about cloud computing are either extremely high-level quasi-marketing tomes about the myriad benefits of the cloud without any understanding of how to practically implement the technology under discussion. "

Or....?

You didn't even get your first sentence right, I'm not going to read about the rest of your thoughts.

I was hoping for some diagrams and detailed textual analysis. I read somewhere that Netflix originality went with the 'Cloud' but quality-of-service was so poor, they had to go out and build their own content delivery backend.